Many corporate IT departments are finally getting what they’ve been waiting for, as AT&T rolls out its network-based firewall, which is expected to help ward off the latest virus and worm outbreaks in a simpler, more cost-effective manner.
AT&T’s managed security service, known as Internet Protect, will now help stop network viruses in the early stages, before the malicious code can spread or impact network performance and data, AT&T said.
The new capabilities, to be available early next year, are an integration of virus and worm countermeasures combined with AT&T’s network-based firewall, which eliminates the need for individual firewalls at each company branch.
Security experts expect many companies to take advantage of AT&T’s network-based defense. They also indicated, however, that the network firewall does not yet include actual antivirus technology and is not for everyone.
“I think there’s a market for it,” iDefense director of malicious codeintelligence Ken Dunham told TechNewsWorld. “But it’s not for everyone andit’s not a silver bullet.”
Managed Mitigation
AT&T said its technology will protect corporatebranch offices and various locations and users from viruses and worms.Protection against denial of service (DoS) attacks was unveiled by AT&Tin a similar announcement last June.
“By deploying early identification and mitigation capabilities from cyberattacks within its global Internet protocol (IP) network, AT&T can helpprevent these attacks from proliferating and infiltrating a customer’sinformation technology infrastructure — networks, servers, PCs,applications and end-user devices,” the company said in a statement.
AT&T said its firewall and overall Internet Protect service, the firstnetwork security of its kind from a major U.S. carrier, will reducecomplexity and therefore ease and strengthen security.
Dunham of iDefense agreed that it makes economic and security sense to take some security responsibilities away from smallorganizations that may not have the resources todefend themselves.
Dunham cautioned, however, that the handoff to a network securityprovider may reduce the individual outfit’s control. Still, he thinks AT&T’smanaged service will likely be a good fit for many companies.
“It’s great to have that kind of security, especially for companies intoday’s world, where launching and maintaining your own security can beextremely difficult,” Dunham said.
Wanting More
Yankee Group senior analyst Zeus Kerravala told TechNewsWorld that companieslarge and small have been waiting for security offerings such as AT&T’snetwork firewall, which was promised with the advent of virtual privatenetworks (VPNs), but actually took longer to arrive.
Kerravala, who believes network firewalls will complement rather thanreplace location-based firewalls, said there is no reason that the samenetwork-based approach could not be taken with antivirus, as well.
The analyst indicated that the approach is ideal for branch offices andtelecommuters, and that there will likely be more, similar announcements to come.
“I think it’s about time we started seeing it,” Kerravala added.
Big Step from Big Player
Webroot vice president of threat research Richard Stiennon said that because manyof today’s virus, worm and other threats are network based, it makessense that security be network-based as well.
Stiennon, who credited the carrier-level security deployment to the havocwreaked by the SQL Slammer worm nearly two years ago, praised AT&T for itsnetwork firewall offering.
“We believe it is a major step for a large provider to take a step toprovide security,” he told TechNewsWorld, adding that expectations were thatsmaller players would make such offerings.
Stiennon said the network-based security trend, which is likely tocontinue, will force equipment makers such as Cisco to build more securityinto their products, as well.
“I think that’s going to be Cisco’s biggest challenge going forward,”Stiennon said.